

import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.hibernate.Query;
import org.hibernate.Session;

/**
 * Servlet implementation class ChangePass
 */
@WebServlet("/ChangePass")
public class ChangePass extends HttpServlet {
	private static final long serialVersionUID = 1L;
	private int UserType;
	private int userID;
	private String oldPwd;
	private String pwd;
       
    /**
     * @see HttpServlet#HttpServlet()
     */
    public ChangePass() {
        super();
        // TODO Auto-generated constructor stub
    }

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		PrintWriter out = response.getWriter();
		HttpSession usersession = request.getSession(true);
		usersession.getAttribute("UserType");
		oldPwd = request.getParameter("oldPwd");
		pwd = request.getParameter("pwd");
		UserType = Integer.parseInt(usersession.getAttribute("UserType").toString());
		if(UserType == 1){
			try{
				List result;
				usersession.getAttribute("hostUserID");
				userID = Integer.parseInt(usersession.getAttribute("hostUserID").toString());
				Session session = HibernateUtil.getSessionFactory().getCurrentSession();
		        session.beginTransaction();
		        String sqlString = "select * from hostusers where hostUserID = '" + userID + "' "
                        + "and password = '" + oldPwd + "'";
		        Query queryResult = session.createSQLQuery(sqlString).addEntity(hostUser.class);;
		        result = queryResult.list();
		        if(!result.isEmpty()){
		        	hostUser hostUserObj = new hostUser();
		        	hostUserObj = (hostUser) result.get(0);
		        	hostUserObj.setPassword(pwd);
		        	session.saveOrUpdate(hostUserObj);
		        	session.getTransaction().commit();
		        }
		        else{
		        	out.println("<html><head><title>host Manager</title></head><body>");
		    		out.println("<a>sql 1403: no user exits</a>");
		    		out.println("</body></html>");
		        }
			}catch(Exception ex){
				HibernateUtil.getSessionFactory().getCurrentSession().getTransaction().rollback();
			}
		}
		else{
			try{
				List result2;
				usersession.getAttribute("guestUserID");
				userID = Integer.parseInt(usersession.getAttribute("guestUserID").toString());
				Session session = HibernateUtil.getSessionFactory().getCurrentSession();
		        session.beginTransaction();
		        String sqlString2 = "select * from guestusers where guestUserID = '" + userID + "' "
                        + "and password = '" + oldPwd + "'";
		        Query queryResult = session.createSQLQuery(sqlString2).addEntity(guestUser.class);;
		        result2 = queryResult.list();
		        if(!result2.isEmpty()){
		        	guestUser guestUserObj = new guestUser();
		        	guestUserObj = (guestUser) result2.get(0);
		        	guestUserObj.setPassword(pwd);
		        	session.saveOrUpdate(guestUserObj);
		        	session.getTransaction().commit();
		        }
		        else{
		        	out.println("<html><head><title>guest Manager</title></head><body>");
		    		out.println("<a>sql 1403: no user exits</a>");
		    		out.println("</body></html>");
		        }
			}catch(Exception ex){
				HibernateUtil.getSessionFactory().getCurrentSession().getTransaction().rollback();
			}
		}
	}

}
